2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC)最新文献

{"title":"Publisher's Information","authors":"","doi":"10.1109/prdc.2018.00054","DOIUrl":"https://doi.org/10.1109/prdc.2018.00054","url":null,"abstract":"","PeriodicalId":409301,"journal":{"name":"2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130199153","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Mobile Software Security with Dynamic Analysis","authors":"H. Shahriar, K. Qian, Md Arabin Islam Talukder, D. Lo, Nidhibahen Patel","doi":"10.1109/PRDC.2018.00039","DOIUrl":"https://doi.org/10.1109/PRDC.2018.00039","url":null,"abstract":"The majority of malicious mobile attacks take advantage of vulnerabilities in mobile software (applications), such as sensitive data leakage, unsecured sensitive data storage, data transmission, and many others. Most of these vulnerabilities can be detected by analyzing the mobile software. In this paper, we describe a tainted dataflow approach to detect mobile software security vulnerability, particularly, SQL Injection.","PeriodicalId":409301,"journal":{"name":"2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128967933","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Effects of GPS Spoofing on Unmanned Aerial Vehicles","authors":"Daniel Mendes, N. Ivaki, H. Madeira","doi":"10.1109/PRDC.2018.00026","DOIUrl":"https://doi.org/10.1109/PRDC.2018.00026","url":null,"abstract":"Unmanned Aerial Vehicles (UAVs) are no longer exclusively military and scientific solutions. These vehicles have been growing in popularity among hobbyist and also as industrial solutions for specific activities. The flying characteristics and the absence of a crew on board of these devices allow them to perform a wide variety of activities, which can be inaccessible to humans or may threat their life. Despite the advantages, they also bring up major concerns regarding security breaches in the flight controller software, which may lead to security (e.g., vehicle hijacking by attackers), safety (e.g., crashing the vehicle into a planned area or building), or privacy (e.g., eavesdropping or stealing video footage) problems. GPS spoofing is one the main threat of UAVs. The predictability and knowledge of GPS signal properties, create conditions to attackers to assume control of the UAV and use it for their own objectives. In this paper the GPS spoofing effect on UAV is analyzed through a series of tests, under a simulation environment. The results are shown as deviation from the original trajectory and attack success, and analyzed over time and by attack type.","PeriodicalId":409301,"journal":{"name":"2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129584905","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Evaluating the Security of IoT Networks with Mobile Devices","authors":"Amelia Samandari, Mengmeng Ge, Jin B. Hong, Dong Seong Kim","doi":"10.1109/PRDC.2018.00028","DOIUrl":"https://doi.org/10.1109/PRDC.2018.00028","url":null,"abstract":"The Internet of Things (IoT) is a network comprised of heterogeneous devices that can exchange data without requiring human-to-human or human-to-computer interactions. However, there are various vulnerabilities found due to the heterogeneity of the IoT network. Moreover, the mobility of IoT devices causes potential dynamic changes to the attack surfaces of IoT networks. As a result, static network security analysis approaches cannot capture these changes. In order to address this problem, we present an IoT security assessment approach by modelling different movement patterns of mobile IoT devices. Graphical security models are used in conjunction to evaluate the security of the IoT networks taking into account the mobility of the IoT devices. Further, we use various security metrics to analyze the security of the network to show the changing security posture when mobility is taken into account. The feasibility of the proposed approach is demonstrated by analyzing the security of an example mobile IoT network using three existing synthetic mobility models: Random Waypoint, Gauss-Markov and Reference Point Group. The experimental analysis shows the changing attack surface of the IoT networks when mobile devices are considered.","PeriodicalId":409301,"journal":{"name":"2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121019562","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Message from General Co-Chairs","authors":"","doi":"10.1109/prdc.2018.00005","DOIUrl":"https://doi.org/10.1109/prdc.2018.00005","url":null,"abstract":"It is our great pleasure to welcome you all at the 32-nd IEEE International Conference on Advanced Information Networking and Applications (IEEE AINA 2018), which will be held at Pedagogical University of Cracow, Poland from May 16 to May 18, 2018. IEEE AINA International Conference is a forum for sharing ideas and research work in the emerging areas of information networking and their applications. The area of advanced networking has grown very rapidly and the applications around it have experienced an explosive growth especially in the area of pervasive and mobile applications, sensor networks, ad-hoc networks, vehicular networks, multimedia computing and social networking, semantic collaborative systems, as well as Grid, P2P, IoT and Cloud Computing. This advanced networking revolution is transforming the way people live, work, and interact with each other, and is impacting the way business, education, entertainment, and health care are operating. The papers included in the proceedings covers theory, design and application of computer networks, distributed computing and information systems. Each year AINA receives a lot of paper submissions from all around the world. It has maintained high quality accepted papers and is aspiring to be one of the main international conferences on the Information Networking in the world. In conjunction with IEEE AINA 2018 conference there are 15 workshops, which also accepted good quality papers. An international conference of this size requires the support and help of many people. A lot of people have helped and worked hard to produce a successful IEEE AINA 2018 technical program and conference proceedings. First, we would like to thank all authors for submitting their papers, the session chairs and distinguished keynote speakers. We are indebted to Program Area Chairs, Program Committee Members and reviewers, who carried out the most difficult work of carefully evaluating the submitted papers. We would like to give our special thanks to Prof. Makoto Takizawa and Prof. Leonard Barolli, the Co-Chairs of the Steering Committee for their strong encouragement, guidance and insights, and for spending a lot of energy for conference organization and shaping the conference program. We would like to thank PC Co-Chairs and Workshops Co-Chairs of AINA 2018 for their great contribution to the success of the conference. Our special thanks go to Makoto Ikeda as Finance Chair, and Donald Elmazi, Yi Liu and Miralda Cuka as Web Administrator Co-Chairs. Finally, we would like to thank the Local Arrangement Team for the support and good local arrangement for the conference. We do hope that you will have a great time in Cracow, Poland","PeriodicalId":409301,"journal":{"name":"2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125822376","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Detecting Malicious Web Scraping Activity: A Study with Diverse Detectors","authors":"Pedro Marques, Zayani Dabbabi, Miruna-Mihaela Mironescu, Olivier Thonnard, A. Bessani, F. Buontempo, Ilir Gashi","doi":"10.1109/PRDC.2018.00049","DOIUrl":"https://doi.org/10.1109/PRDC.2018.00049","url":null,"abstract":"We present results on the use of diverse monitoring tools for the detection of malicious web scraping activity. We have carried out an analysis of a real dataset of Apache HTTP Access logs for an e-commerce application provided by a large multinational IT provider for the global travel and tourism industry. Two tools have been used to detect scraping activities based on the HTTP requests: a commercial tool, and an in-house tool called Arcane. We show the benefits that can be achieved through the use of both systems, in terms of overall sensitivity and specificity, and we discuss the potential sources of diversity between the tool's alert patterns.","PeriodicalId":409301,"journal":{"name":"2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123340931","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Experimental Resilience Assessment of an Open-Source Driving Agent","authors":"A. Rubaiyat, Yongming Qin, H. Alemzadeh","doi":"10.1109/PRDC.2018.00016","DOIUrl":"https://doi.org/10.1109/PRDC.2018.00016","url":null,"abstract":"Autonomous vehicles (AV) depend on the sensors like RADAR and camera for the perception of the environment, path planning, and control. With the increasing autonomy and interactions with the complex environment, there have been growing concerns regarding the safety and reliability of AVs. This paper presents a Systems-Theoretic Process Analysis (STPA) based fault injection framework to assess the resilience of an open-source driving agent, called openpilot, under different environmental conditions and faults affecting sensor data. To increase the coverage of unsafe scenarios during testing, we use a strategic software fault-injection approach where the triggers for injecting the faults are derived from the unsafe scenarios identified during the high-level hazard analysis of the system. The experimental results show that the proposed strategic fault injection approach increases the hazard coverage compared to random fault injection and, thus, can help with more effective simulation of safety-critical faults and testing of AVs. In addition, the paper provides insights on the performance of openpilot safety mechanisms and its ability in timely detection and recovery from faulty inputs.","PeriodicalId":409301,"journal":{"name":"2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC)","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116909808","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}